I’m MJ, a cybersecurity engineer with 15+ years of experience building detection-driven systems that integrate tightly with modern data engineering and automation stacks. My focus is on scaling threat detection with real-time data pipelines, automation-first design, and advanced analytics.
- Built pipelines for ingesting, transforming, and correlating security telemetry at scale
- Designed schema and enrichment strategies to power threat detection and investigations
- Applied SQL, Python, and serverless patterns to create flexible, low-latency data flows
- Integrated modern tooling (e.g., dbt, Apache Iceberg, and EventBridge) for dynamic, versioned security data lakes
- Built SOC and IR programs from scratch — tech, team, and workflows
- Deployed EDR, SIEM, SOAR, and AI-driven agents to unify detection across platforms
- Developed threat content and response playbooks — reduced MTTR by over 60%

| Stack | Area | Key Contributions |
|---|---|---|
| Golang / Python | Custom orchestration | Red Canary, Jira, Slack, MFA flows |
| AWS Serverless | Automation backend | Lambda, EventBridge, DynamoDB |
| SQL | Data pipelines | Baselining, time-series correlation, rule tuning |
| Datadog / Splunk | SIEM / Telemetry | Threat hunting dashboards, detection logic |

I contribute to open-source projects and mentor up-and-coming security and data engineers.
- AI x Security — adversarial ML, LLM-powered SOC tooling
- Streaming data pipelines for sub-minute detection windows
- Detection engineering at scale — analytics for evolving attacker behavior

“Security is not a product, but a process.” — Bruce Schneier
I turn data into that process.